How do I install Vigile?

Vigile is a local plugin. Install it using npm package: vigile-mcp and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

What AI apps work with Vigile?

Vigile uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Vigile MCP Server

by Vigile Ai

Developer ToolsLow Risk10.0MCP RegistryLocal

Free

Server data from the Official MCP Registry

Query trust scores for MCP servers and agent skills. Check if a tool is safe.

About

Query trust scores for MCP servers and agent skills. Check if a tool is safe.

Security Report

10.0

Low Risk10.0Low Risk

Valid MCP server (2 strong, 4 medium validity signals). No known CVEs in dependencies. Package registry verified. Imported from the Official MCP Registry.

7 files analyzed · 1 issue found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

file_system

Check that this permission is expected for this type of plugin.

HTTP Network Access

Connects to external APIs or services over the internet.

env_vars

Check that this permission is expected for this type of plugin.

Shell Command Execution

Runs commands on your machine. Be cautious — only use if you trust this plugin.

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-vigile-ai-vigile-mcp": {
      "args": [
        "-y",
        "vigile-mcp"
      ],
      "command": "npx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

vigile-mcp

MCP server for Vigile AI Security — query trust scores for MCP servers and agent skills directly from your AI coding assistant.

Works with Claude Desktop, Claude Code, Cursor, VS Code, Windsurf, and any MCP-compatible client.

Installation

Claude Desktop

Add to your Claude Desktop config file:

macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "vigile": {
      "command": "npx",
      "args": ["-y", "vigile-mcp"]
    }
  }
}

Claude Code

claude mcp add --transport stdio vigile --scope user -- npx -y vigile-mcp

Or add to your project's .mcp.json:

{
  "vigile": {
    "command": "npx",
    "args": ["-y", "vigile-mcp"]
  }
}

Cursor

Add to ~/.cursor/mcp.json:

{
  "mcpServers": {
    "vigile": {
      "command": "npx",
      "args": ["-y", "vigile-mcp"]
    }
  }
}

VS Code (Copilot)

Add to .vscode/mcp.json in your project:

{
  "servers": {
    "vigile": {
      "command": "npx",
      "args": ["-y", "vigile-mcp"]
    }
  }
}

Windsurf

Add to ~/.codeium/windsurf/mcp_config.json:

{
  "mcpServers": {
    "vigile": {
      "command": "npx",
      "args": ["-y", "vigile-mcp"]
    }
  }
}

Global Install (Alternative)

npm install -g vigile-mcp

Then replace "command": "npx", "args": ["-y", "vigile-mcp"] with "command": "vigile-mcp" in any config above.

What It Does

Vigile scans and scores MCP servers and agent skills for security issues like tool poisoning, data exfiltration, prompt injection, and supply chain attacks. This MCP server brings those trust scores into your AI workflow — so your coding assistant can check whether a tool is safe before using it.

Covers servers from npm, Smithery, PyPI, and other registries, plus agent skills from Claude Code, Cursor, OpenClaw/ClawHub, and more.

Tools

Tool	Description
`vigile_check_server`	Look up trust score for an MCP server by name or package
`vigile_check_skill`	Look up trust score for an agent skill (claude.md, .cursorrules, OpenClaw skills, etc.)
`vigile_scan_content`	Scan raw content from a claude.md, .cursorrules, skill.md, or similar file for security issues
`vigile_search`	Search the Vigile trust registry by keyword
`vigile_verify_location`	Verify whether a skill uses location data safely and check for location-based attack patterns

Example Usage

Once installed, your AI assistant can use these tools naturally:

"Check if @anthropic/mcp-server-filesystem is safe" "Scan this claude.md file for security issues" "Search for database MCP servers and show me their trust scores"

Trust Scores

Vigile rates every server and skill on a 0-100 scale:

Score	Level	Meaning
80-100	Trusted	No significant issues found
60-79	Caution	Minor issues, review recommended
40-59	Risky	Notable security concerns
0-39	Dangerous	Critical issues, do not use

Authentication

By default, vigile-mcp uses the public Vigile registry (rate-limited). For higher limits, set your API key:

{
  "mcpServers": {
    "vigile": {
      "command": "npx",
      "args": ["-y", "vigile-mcp"],
      "env": {
        "VIGILE_API_KEY": "vgl_your_key_here"
      }
    }
  }
}

Get an API key at vigile.dev.

Rate Limits

Tier	Scans/min	Monthly Quota
Free (no key)	10	50
Pro ($30/mo)	60	1,000
Pro+ ($100/mo)	300	5,000

Registry lookups (vigile_check_server, vigile_check_skill, vigile_search) do not count against your scan quota. Only vigile_scan_content consumes scans.

Requirements

Node.js 18+
An MCP-compatible client

Disclaimer

THIS SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. Vigile AI Security provides security scanning and trust scoring as informational tools only. Trust scores, scan results, and security assessments are based on automated analysis and should not be considered definitive security guarantees.

Vigile does not guarantee the detection of all security threats, vulnerabilities, or malicious behavior. Users are solely responsible for their own security decisions and should use Vigile as one component of a comprehensive security strategy.

By using this software, you agree to the Vigile Terms of Service.

License

MIT

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

MarkItDown

Free

by Microsoft · Content & Media

Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption

mcp-creator-typescript

Free

by mcp-marketplace · Developer Tools

Scaffold, build, and publish TypeScript MCP servers to npm — conversationally

FinAgent

Free

by mcp-marketplace · Finance

Free stock data and market news for any MCP-compatible AI assistant.

Vigile MCP Server

About

Security Report

Findings (1)

Permissions Required

How to Install

Documentation

vigile-mcp

Installation

Claude Desktop

Claude Code

Cursor

VS Code (Copilot)

Windsurf

Global Install (Alternative)

What It Does

Tools

Example Usage

Trust Scores

Authentication

Rate Limits

Requirements

Disclaimer

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript

FinAgent

Vigile MCP Server

About

Security Report

Findings (1)

Permissions Required

How to Install

Documentation

vigile-mcp

Installation

Claude Desktop

Claude Code

Cursor

VS Code (Copilot)

Windsurf

Global Install (Alternative)

What It Does

Tools

Example Usage

Trust Scores

Authentication

Rate Limits

Requirements

Disclaimer

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript

FinAgent